About
Wael Ghnimi aka 0xW43L
👋 About Me
Senior Cyber Threat Intelligence Analyst | Former Red Teamer & Blue Teamer | Offensive & Defensive Security Expert
With a strong foundation in both offensive security (Red Team) and defensive operations (Blue Team/SOC), I bring a dual perspective to Cyber Threat Intelligence (CTI). My career is driven by a passion for uncovering and mitigating threats, blending deep technical expertise with strategic intelligence analysis to safeguard organizations against advanced cyber adversaries.
I thrive on complex challenges, whether it’s tracking sophisticated threat actors, developing custom security tools, or conducting deep-dive investigations into evolving attack vectors. I believe in continuous learning, research, and collaboration to stay ahead in the rapidly changing cyber threat landscape.
Certifications & Professional Achievements
- OSEP (PEN-300) - Experienced Penetration Tester (Advanced Evasion Techniques and Breaching Defenses)
- eWAPTx - Web Application Penetration Tester eXtreme
- eJPT - eLearnSecurity Junior Penetration Testing
- arcX - Cyber Threat Intelligence Analyst Foundation (101)
- ICTTF - Ransomware Uncovered - Specialist Certificate
- HackTheBox Prolabs: Dante
Research, Projects & Tool Development
Penetration Testing & Red Teaming
- LDAPHunter - LDAP Enumeration Tool: A Python tool that automates LDAP enumeration for penetration testers, extracting users, groups, organizational units (OUs), password policies, and other critical Active Directory/LDAP information.
- TBD …
Cyber Threat Intelligence (CTI)
- TBD …
Reverse Engineering (RE) & Malware Analysis (MA)
- TBD …
AI & Machine Learning
- TBD …
Technical Expertise & Training (Learning, Research & Knowledge Base)
This section catalogs the books, courses, tools, and platforms I use to sharpen my skills and stay at the forefront of the field.
Programming
“The only way to learn a new programming language is by writing programs in it” - Brian W. Kernighan
1. C Programming
- Books
- Courses
Cybersec-Beginner (Starting Point …)
Books
Reverse Engineering (RE) & Malware Analysis (MA)
Courses
Tools
- IDA Pro
- Ghidra
- Radare2
- gdb
- Binary Ninja
- OllyDbg
- Immunity Debugger
- x64dbg
- HxD
- Detect It Easy (DiE)
- PE Studio
- dnSpyEx
- System Informer
- Process Hacker
- PE Explorer
- PE Bear
- Resource Hacker
- Process Explorer
Services
- CAPEv2
- UnpacMe
- AnyRun
- Triage
- Hybrid Analysis
- Malpedia
- MalwareBazaar
- Malware Traffic Analysis
- Malware Information Sharing Platform (MISP)
- VirusTotal
- ReversingLabs
- Cuckoo Sandbox
- Joe Sandbox
- ThreatFox
- ThreatMiner
- ThreatCrowd
- Malshare
- VX Underground
Malware & Exploit Development
Books
- TBD …
Courses
- Windows Internals Courses - Pavel Yosifovich
- RED TEAM Operator: Malware Development Essentials Course - sektor7
Tools
Cyber Threat Intelligence (CTI)
Courses
- GCIA - GIAC Cyber Threat Intelligence
- Cyber Threat Intelligence 101 - ArcX
- Cyber Threat Intelligence Practitioner - ArcX
- Advanced Cyber Threat Intelligence Analyst - ArcX
Books
- Uncertain Shield: The U.S. Intelligence System in the Throes of Reform - by Richard A. Posner (Hoover Studies in Politics, Economics, and Society)
- Deception: The Untold Story of East-West Espionage Today - by Edward Lucas
- Enemies of Intelligence: Knowledge and Power in American National Security - by Richard K. Betts
- The Art of Intelligence - by Henry A. Crumpton
- Spurious Correlations - by Tyler Vigen
- Red Team Development and Operations: A Practical Guide - by Joe Vest
- The US Intelligence Community - by Jeffrey T. Richelson
- Active Measures: The Secret History of Disinformation and Political Warfare - by Thomas Rid
- Intelligence-Driven Incident Response: Outwitting the Adversary - by Scott J. Roberts
- Structured Analytic Techniques for Intelligence Analysis - by Richards J. Heuer Jr.
- Psychology of Intelligence Analysis - by Richards J. Heuer Jr.
- Threat Modeling: Designing for Security - by Adam Shostack
- Intelligence: From Secrets to Policy 8th Edition - by Mark Lowenthal
- Incident Response & Computer Forensics, Third Edition - by Jason T. Luttgens
- Effective Threat Intelligence: Building and Running an Intel Team for Your Organization - by James Dietle
- Visual Threat Intelligence: An Illustrated Guide For Threat Researchers - by Thomas Roccia
- Permanent Record - by Edward Snowden
- The Art of Cyberwarfare: An Investigator’s Guide to Espionage, Ransomware, and Organized Cybercrime - by Jon DiMaggio
Tools
- MISP
- OpenCTI
- TheHive
- Cortex
- Sigma
- YARA
- CAPE
- OSINT Framework
- SpiderFoot
- Maltego
- Recon-ng
- Censys
- Shodan
- ThreatConnect
- Fofa
Platforms
Frameworks
- MITRE ATT&CK
- Diamond Model of Intrusion Analysis
- Cyber Kill Chain
- Cyber Threat Intelligence (CTI) Lifecycle
Data Feeds
- AlienVault Open Threat Exchange (OTX)
- AbuseIPDB
- URLhaus
- PhishTank
- Spamhaus
- Emerging Threats
- CIRCL - MISP Threat Sharing
- Open Threat Exchange (OTX)
Services
- Google Threat Intelligence (GTI)
- SOCRadar
- CrowdStrike Intelligence
- FalconFeeds.io
- QuoIntelligence
- CIRCL - MISP Threat Sharing
- OpenCTI
- MITRE ATT&CK
Vulnerability Assessment & Management
Penetration Testing
Books
Tools
- Cobalt Strike
- Burp Suite Pro
- CrackMapExec
- NetExec
- Impacket
- BloodHound
- Responder
- PowerShellMafia
- Metasploit
- Nmap
- Wireshark
- Burp Suite Community Edition
- OWASP ZAP
- SQLMap
EDRs (Detection and Response)
Operating Systems
Cloud Platforms
Version Control
Virtualization & Containerization
Earned Certifications in Relation with University
- Fortinet - NSE 2 Network Security Associate
- Fortinet - NSE 1 Network Security Associate
- Microsoft - Microsoft Technology Associate: Security Fundamentals (MTA)
- Microsoft - Microsoft Technology Associate: Networking Fundamentals (MTA)
- Microsoft - Microsoft Technology Associate: Programming Using HTML and CSS
- Microsoft - Microsoft Office Specialist: Microsoft PowerPoint® 2016
- Microsoft - Microsoft Office Specialist: Microsoft Word 2016